<?php
/**
 * CodeIgniter
 *
 * An open source application development framework for PHP
 *
 * This content is released under the MIT License (MIT)
 *
 * Copyright (c) 2014 - 2017, British Columbia Institute of Technology
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 *
 * @package	CodeIgniter
 * @author	EllisLab Dev Team
 * @copyright	Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/)
 * @copyright	Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/)
 * @license	http://opensource.org/licenses/MIT	MIT License
 * @link	https://codeigniter.com
 * @since	Version 2.0.0
 * @filesource
 */
defined ( 'BASEPATH' ) or exit ( 'No direct script access allowed' );

/**
 * CodeIgniter Session Class
 *
 * @package		CodeIgniter
 * @subpackage	Libraries
 * @category	Sessions
 * @author		Andrey Andreev
 * @link		https://codeigniter.com/user_guide/libraries/sessions.html
 */
class CI_Session {

	/**
	 * Userdata array
	 *
	 * Just a reference to $_SESSION, for BC purposes.
	 */
	public $userdata;

	protected $_driver = 'files';
	protected $_config;
	protected $_sid_regexp;

	// ------------------------------------------------------------------------


	/**
	 * Class constructor
	 *
	 * @param	array	$params	Configuration parameters
	 * @return	void
	 */
	public function __construct(array $params = array()) {
		// No sessions under CLI
		if (is_cli ()) {
			log_message ( 'debug', 'Session: Initialization under CLI aborted.' );
			return;
		} elseif (( bool ) ini_get ( 'session.auto_start' )) {
			log_message ( 'error', 'Session: session.auto_start is enabled in php.ini. Aborting.' );
			return;
		} elseif (! empty ( $params ['driver'] )) {
			$this->_driver = $params ['driver'];
			unset ( $params ['driver'] );
		} elseif ($driver = config_item ( 'sess_driver' )) {
			$this->_driver = $driver;
		} // Note: BC workaround
		elseif (config_item ( 'sess_use_database' )) {
			log_message ( 'debug', 'Session: "sess_driver" is empty; using BC fallback to "sess_use_database".' );
			$this->_driver = 'database';
		}

		$class = $this->_ci_load_classes ( $this->_driver );

		// Configuration ...
		$this->_configure ( $params );
		$this->_config ['_sid_regexp'] = $this->_sid_regexp;

		$class = new $class ( $this->_config );
		if ($class instanceof SessionHandlerInterface) {
			if (is_php ( '5.4' )) {
				session_set_save_handler ( $class, TRUE );
			} else {
				session_set_save_handler ( array ($class, 'open' ), array ($class, 'close' ), array ($class, 'read' ), array ($class, 'write' ), array ($class, 'destroy' ), array ($class, 'gc' ) );

				register_shutdown_function ( 'session_write_close' );
			}
		} else {
			log_message ( 'error', "Session: Driver '" . $this->_driver . "' doesn't implement SessionHandlerInterface. Aborting." );
			return;
		}

		// Sanitize the cookie, because apparently PHP doesn't do that for userspace handlers
		if (isset ( $_COOKIE [$this->_config ['cookie_name']] ) && (! is_string ( $_COOKIE [$this->_config ['cookie_name']] ) or ! preg_match ( '#\A' . $this->_sid_regexp . '\z#', $_COOKIE [$this->_config ['cookie_name']] ))) {
			unset ( $_COOKIE [$this->_config ['cookie_name']] );
		}

		session_start ();

		// Is session ID auto-regeneration configured? (ignoring ajax requests)
		if ((empty ( $_SERVER ['HTTP_X_REQUESTED_WITH'] ) or strtolower ( $_SERVER ['HTTP_X_REQUESTED_WITH'] ) !== 'xmlhttprequest') && ($regenerate_time = config_item ( 'sess_time_to_update' )) > 0) {
			if (! isset ( $_SESSION ['__ci_last_regenerate'] )) {
				$_SESSION ['__ci_last_regenerate'] = time ();
			} elseif ($_SESSION ['__ci_last_regenerate'] < (time () - $regenerate_time)) {
				$this->sess_regenerate ( ( bool ) config_item ( 'sess_regenerate_destroy' ) );
			}
		} // Another work-around ... PHP doesn't seem to send the session cookie
		// unless it is being currently created or regenerated
		elseif (isset ( $_COOKIE [$this->_config ['cookie_name']] ) && $_COOKIE [$this->_config ['cookie_name']] === session_id ()) {
			setcookie ( $this->_config ['cookie_name'], session_id (), (empty ( $this->_config ['cookie_lifetime'] ) ? 0 : time () + $this->_config ['cookie_lifetime']), $this->_config ['cookie_path'], $this->_config ['cookie_domain'], $this->_config ['cookie_secure'], TRUE );
		}

		$this->_ci_init_vars ();

		log_message ( 'info', "Session: Class initialized using '" . $this->_driver . "' driver." );
	}

	// ------------------------------------------------------------------------


	/**
	 * CI Load Classes
	 *
	 * An internal method to load all possible dependency and extension
	 * classes. It kind of emulates the CI_Driver library, but is
	 * self-sufficient.
	 *
	 * @param	string	$driver	Driver name
	 * @return	string	Driver class name
	 */
	protected function _ci_load_classes($driver) {
		// PHP 5.4 compatibility
		interface_exists ( 'SessionHandlerInterface', FALSE ) or require_once (BASEPATH . 'libraries/Session/SessionHandlerInterface.php');

		$prefix = config_item ( 'subclass_prefix' );

		if (! class_exists ( 'CI_Session_driver', FALSE )) {
			require_once (file_exists ( APPPATH . 'libraries/Session/Session_driver.php' ) ? APPPATH . 'libraries/Session/Session_driver.php' : BASEPATH . 'libraries/Session/Session_driver.php');

			if (file_exists ( $file_path = APPPATH . 'libraries/Session/' . $prefix . 'Session_driver.php' )) {
				require_once ($file_path);
			}
		}

		$class = 'Session_' . $driver . '_driver';

		// Allow custom drivers without the CI_ or MY_ prefix
		if (! class_exists ( $class, FALSE ) && file_exists ( $file_path = APPPATH . 'libraries/Session/drivers/' . $class . '.php' )) {
			require_once ($file_path);
			if (class_exists ( $class, FALSE )) {
				return $class;
			}
		}

		if (! class_exists ( 'CI_' . $class, FALSE )) {
			if (file_exists ( $file_path = APPPATH . 'libraries/Session/drivers/' . $class . '.php' ) or file_exists ( $file_path = BASEPATH . 'libraries/Session/drivers/' . $class . '.php' )) {
				require_once ($file_path);
			}

			if (! class_exists ( 'CI_' . $class, FALSE ) && ! class_exists ( $class, FALSE )) {
				throw new UnexpectedValueException ( "Session: Configured driver '" . $driver . "' was not found. Aborting." );
			}
		}

		if (! class_exists ( $prefix . $class, FALSE ) && file_exists ( $file_path = APPPATH . 'libraries/Session/drivers/' . $prefix . $class . '.php' )) {
			require_once ($file_path);
			if (class_exists ( $prefix . $class, FALSE )) {
				return $prefix . $class;
			} else {
				log_message ( 'debug', 'Session: ' . $prefix . $class . ".php found but it doesn't declare class " . $prefix . $class . '.' );
			}
		}

		return 'CI_' . $class;
	}

	// ------------------------------------------------------------------------


	/**
	 * Configuration
	 *
	 * Handle input parameters and configuration defaults
	 *
	 * @param	array	&$params	Input parameters
	 * @return	void
	 */
	protected function _configure(&$params) {
		$expiration = config_item ( 'sess_expiration' );

		if (isset ( $params ['cookie_lifetime'] )) {
			$params ['cookie_lifetime'] = ( int ) $params ['cookie_lifetime'];
		} else {
			$params ['cookie_lifetime'] = (! isset ( $expiration ) && config_item ( 'sess_expire_on_close' )) ? 0 : ( int ) $expiration;
		}

		isset ( $params ['cookie_name'] ) or $params ['cookie_name'] = config_item ( 'sess_cookie_name' );
		if (empty ( $params ['cookie_name'] )) {
			$params ['cookie_name'] = ini_get ( 'session.name' );
		} else {
			ini_set ( 'session.name', $params ['cookie_name'] );
		}

		isset ( $params ['cookie_path'] ) or $params ['cookie_path'] = config_item ( 'cookie_path' );
		isset ( $params ['cookie_domain'] ) or $params ['cookie_domain'] = config_item ( 'cookie_domain' );
		isset ( $params ['cookie_secure'] ) or $params ['cookie_secure'] = ( bool ) config_item ( 'cookie_secure' );

		session_set_cookie_params ( $params ['cookie_lifetime'], $params ['cookie_path'], $params ['cookie_domain'], $params ['cookie_secure'], TRUE )// HttpOnly; Yes, this is intentional and not configurable for security reasons
;

		if (empty ( $expiration )) {
			$params ['expiration'] = ( int ) ini_get ( 'session.gc_maxlifetime' );
		} else {
			$params ['expiration'] = ( int ) $expiration;
			ini_set ( 'session.gc_maxlifetime', $expiration );
		}

		$params ['match_ip'] = ( bool ) (isset ( $params ['match_ip'] ) ? $params ['match_ip'] : config_item ( 'sess_match_ip' ));

		isset ( $params ['save_path'] ) or $params ['save_path'] = config_item ( 'sess_save_path' );

		$this->_config = $params;

		// Security is king
		ini_set ( 'session.use_trans_sid', 0 );
		ini_set ( 'session.use_strict_mode', 1 );
		ini_set ( 'session.use_cookies', 1 );
		ini_set ( 'session.use_only_cookies', 1 );

		$this->_configure_sid_length ();
	}

	// ------------------------------------------------------------------------


	/**
	 * Configure session ID length
	 *
	 * To make life easier, we used to force SHA-1 and 4 bits per
	 * character on everyone. And of course, someone was unhappy.
	 *
	 * Then PHP 7.1 broke backwards-compatibility because ext/session
	 * is such a mess that nobody wants to touch it with a pole stick,
	 * and the one guy who does, nobody has the energy to argue with.
	 *
	 * So we were forced to make changes, and OF COURSE something was
	 * going to break and now we have this pile of shit. -- Narf
	 *
	 * @return	void
	 */
	protected function _configure_sid_length() {
		if (PHP_VERSION_ID < 70100) {
			$hash_function = ini_get ( 'session.hash_function' );
			if (ctype_digit ( $hash_function )) {
				if ($hash_function !== '1') {
					ini_set ( 'session.hash_function', 1 );
				}

				$bits = 160;
			} elseif (! in_array ( $hash_function, hash_algos (), TRUE )) {
				ini_set ( 'session.hash_function', 1 );
				$bits = 160;
			} elseif (($bits = strlen ( hash ( $hash_function, 'dummy', false ) ) * 4) < 160) {
				ini_set ( 'session.hash_function', 1 );
				$bits = 160;
			}

			$bits_per_character = ( int ) ini_get ( 'session.hash_bits_per_character' );
			$sid_length = ( int ) ceil ( $bits / $bits_per_character );
		} else {
			$bits_per_character = ( int ) ini_get ( 'session.sid_bits_per_character' );
			$sid_length = ( int ) ini_get ( 'session.sid_length' );
			if (($bits = $sid_length * $bits_per_character) < 160) {
				// Add as many more characters as necessary to reach at least 160 bits
				$sid_length += ( int ) ceil ( (160 % $bits) / $bits_per_character );
				ini_set ( 'session.sid_length', $sid_length );
			}
		}

		// Yes, 4,5,6 are the only known possible values as of 2016-10-27
		switch ($bits_per_character) {
			case 4 :
				$this->_sid_regexp = '[0-9a-f]';
				break;
			case 5 :
				$this->_sid_regexp = '[0-9a-v]';
				break;
			case 6 :
				$this->_sid_regexp = '[0-9a-zA-Z,-]';
				break;
		}
		if (PHP_VERSION_ID >= 70000) {
			$this->_sid_regexp .= '{10,' . $sid_length . '}';
		} else {
			$this->_sid_regexp .= '{' . $sid_length . '}';
		}
	}

	// ------------------------------------------------------------------------


	/**
	 * Handle temporary variables
	 *
	 * Clears old "flash" data, marks the new one for deletion and handles
	 * "temp" data deletion.
	 *
	 * @return	void
	 */
	protected function _ci_init_vars() {
		if (! empty ( $_SESSION ['__ci_vars'] )) {
			$current_time = time ();

			foreach ( $_SESSION ['__ci_vars'] as $key => &$value ) {
				if ($value === 'new') {
					$_SESSION ['__ci_vars'] [$key] = 'old';
				} // Hacky, but 'old' will (implicitly) always be less than time() ;)
				// DO NOT move this above the 'new' check!
				elseif ($value < $current_time) {
					unset ( $_SESSION [$key], $_SESSION ['__ci_vars'] [$key] );
				}
			}

			if (empty ( $_SESSION ['__ci_vars'] )) {
				unset ( $_SESSION ['__ci_vars'] );
			}
		}

		$this->userdata = & $_SESSION;
	}

	// ------------------------------------------------------------------------


	/**
	 * Mark as flash
	 *
	 * @param	mixed	$key	Session data key(s)
	 * @return	bool
	 */
	public function mark_as_flash($key) {
		if (is_array ( $key )) {
			for($i = 0, $c = count ( $key ); $i < $c; $i ++) {
				if (! isset ( $_SESSION [$key [$i]] )) {
					return FALSE;
				}
			}

			$new = array_fill_keys ( $key, 'new' );

			$_SESSION ['__ci_vars'] = isset ( $_SESSION ['__ci_vars'] ) ? array_merge ( $_SESSION ['__ci_vars'], $new ) : $new;

			return TRUE;
		}

		if (! isset ( $_SESSION [$key] )) {
			return FALSE;
		}

		$_SESSION ['__ci_vars'] [$key] = 'new';
		return TRUE;
	}

	// ------------------------------------------------------------------------


	/**
	 * Get flash keys
	 *
	 * @return	array
	 */
	public function get_flash_keys() {
		if (! isset ( $_SESSION ['__ci_vars'] )) {
			return array ();
		}

		$keys = array ();
		foreach ( array_keys ( $_SESSION ['__ci_vars'] ) as $key ) {
			is_int ( $_SESSION ['__ci_vars'] [$key] ) or $keys [] = $key;
		}

		return $keys;
	}

	// ------------------------------------------------------------------------


	/**
	 * Unmark flash
	 *
	 * @param	mixed	$key	Session data key(s)
	 * @return	void
	 */
	public function unmark_flash($key) {
		if (empty ( $_SESSION ['__ci_vars'] )) {
			return;
		}

		is_array ( $key ) or $key = array ($key );

		foreach ( $key as $k ) {
			if (isset ( $_SESSION ['__ci_vars'] [$k] ) && ! is_int ( $_SESSION ['__ci_vars'] [$k] )) {
				unset ( $_SESSION ['__ci_vars'] [$k] );
			}
		}

		if (empty ( $_SESSION ['__ci_vars'] )) {
			unset ( $_SESSION ['__ci_vars'] );
		}
	}

	// ------------------------------------------------------------------------


	/**
	 * Mark as temp
	 *
	 * @param	mixed	$key	Session data key(s)
	 * @param	int	$ttl	Time-to-live in seconds
	 * @return	bool
	 */
	public function mark_as_temp($key, $ttl = 300) {
		$ttl += time ();

		if (is_array ( $key )) {
			$temp = array ();

			foreach ( $key as $k => $v ) {
				// Do we have a key => ttl pair, or just a key?
				if (is_int ( $k )) {
					$k = $v;
					$v = $ttl;
				} else {
					$v += time ();
				}

				if (! isset ( $_SESSION [$k] )) {
					return FALSE;
				}

				$temp [$k] = $v;
			}

			$_SESSION ['__ci_vars'] = isset ( $_SESSION ['__ci_vars'] ) ? array_merge ( $_SESSION ['__ci_vars'], $temp ) : $temp;

			return TRUE;
		}

		if (! isset ( $_SESSION [$key] )) {
			return FALSE;
		}

		$_SESSION ['__ci_vars'] [$key] = $ttl;
		return TRUE;
	}

	// ------------------------------------------------------------------------


	/**
	 * Get temp keys
	 *
	 * @return	array
	 */
	public function get_temp_keys() {
		if (! isset ( $_SESSION ['__ci_vars'] )) {
			return array ();
		}

		$keys = array ();
		foreach ( array_keys ( $_SESSION ['__ci_vars'] ) as $key ) {
			is_int ( $_SESSION ['__ci_vars'] [$key] ) && $keys [] = $key;
		}

		return $keys;
	}

	// ------------------------------------------------------------------------


	/**
	 * Unmark flash
	 *
	 * @param	mixed	$key	Session data key(s)
	 * @return	void
	 */
	public function unmark_temp($key) {
		if (empty ( $_SESSION ['__ci_vars'] )) {
			return;
		}

		is_array ( $key ) or $key = array ($key );

		foreach ( $key as $k ) {
			if (isset ( $_SESSION ['__ci_vars'] [$k] ) && is_int ( $_SESSION ['__ci_vars'] [$k] )) {
				unset ( $_SESSION ['__ci_vars'] [$k] );
			}
		}

		if (empty ( $_SESSION ['__ci_vars'] )) {
			unset ( $_SESSION ['__ci_vars'] );
		}
	}

	// ------------------------------------------------------------------------


	/**
	 * __get()
	 *
	 * @param	string	$key	'session_id' or a session data key
	 * @return	mixed
	 */
	public function __get($key) {
		// Note: Keep this order the same, just in case somebody wants to
		//       use 'session_id' as a session data key, for whatever reason
		if (isset ( $_SESSION [$key] )) {
			return $_SESSION [$key];
		} elseif ($key === 'session_id') {
			return session_id ();
		}

		return NULL;
	}

	// ------------------------------------------------------------------------


	/**
	 * __isset()
	 *
	 * @param	string	$key	'session_id' or a session data key
	 * @return	bool
	 */
	public function __isset($key) {
		if ($key === 'session_id') {
			return (session_status () === PHP_SESSION_ACTIVE);
		}

		return isset ( $_SESSION [$key] );
	}

	// ------------------------------------------------------------------------


	/**
	 * __set()
	 *
	 * @param	string	$key	Session data key
	 * @param	mixed	$value	Session data value
	 * @return	void
	 */
	public function __set($key, $value) {
		$_SESSION [$key] = $value;
	}

	// ------------------------------------------------------------------------


	/**
	 * Session destroy
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @return	void
	 */
	public function sess_destroy() {
		session_destroy ();
	}

	// ------------------------------------------------------------------------


	/**
	 * Session regenerate
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	bool	$destroy	Destroy old session data flag
	 * @return	void
	 */
	public function sess_regenerate($destroy = FALSE) {
		$_SESSION ['__ci_last_regenerate'] = time ();
		session_regenerate_id ( $destroy );
	}

	// ------------------------------------------------------------------------


	/**
	 * Get userdata reference
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @returns	array
	 */
	public function &get_userdata() {
		return $_SESSION;
	}

	// ------------------------------------------------------------------------


	/**
	 * Userdata (fetch)
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	string	$key	Session data key
	 * @return	mixed	Session data value or NULL if not found
	 */
	public function userdata($key = NULL) {
		if (isset ( $key )) {
			return isset ( $_SESSION [$key] ) ? $_SESSION [$key] : NULL;
		} elseif (empty ( $_SESSION )) {
			return array ();
		}

		$userdata = array ();
		$_exclude = array_merge ( array ('__ci_vars' ), $this->get_flash_keys (), $this->get_temp_keys () );

		foreach ( array_keys ( $_SESSION ) as $key ) {
			if (! in_array ( $key, $_exclude, TRUE )) {
				$userdata [$key] = $_SESSION [$key];
			}
		}

		return $userdata;
	}

	// ------------------------------------------------------------------------


	/**
	 * Set userdata
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	mixed	$data	Session data key or an associative array
	 * @param	mixed	$value	Value to store
	 * @return	void
	 */
	public function set_userdata($data, $value = NULL) {
		if (is_array ( $data )) {
			foreach ( $data as $key => &$value ) {
				$_SESSION [$key] = $value;
			}

			return;
		}

		$_SESSION [$data] = $value;
	}

	// ------------------------------------------------------------------------


	/**
	 * Unset userdata
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	mixed	$key	Session data key(s)
	 * @return	void
	 */
	public function unset_userdata($key) {
		if (is_array ( $key )) {
			foreach ( $key as $k ) {
				unset ( $_SESSION [$k] );
			}

			return;
		}

		unset ( $_SESSION [$key] );
	}

	// ------------------------------------------------------------------------


	/**
	 * All userdata (fetch)
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @return	array	$_SESSION, excluding flash data items
	 */
	public function all_userdata() {
		return $this->userdata ();
	}

	// ------------------------------------------------------------------------


	/**
	 * Has userdata
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	string	$key	Session data key
	 * @return	bool
	 */
	public function has_userdata($key) {
		return isset ( $_SESSION [$key] );
	}

	// ------------------------------------------------------------------------


	/**
	 * Flashdata (fetch)
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	string	$key	Session data key
	 * @return	mixed	Session data value or NULL if not found
	 */
	public function flashdata($key = NULL) {
		if (isset ( $key )) {
			return (isset ( $_SESSION ['__ci_vars'], $_SESSION ['__ci_vars'] [$key], $_SESSION [$key] ) && ! is_int ( $_SESSION ['__ci_vars'] [$key] )) ? $_SESSION [$key] : NULL;
		}

		$flashdata = array ();

		if (! empty ( $_SESSION ['__ci_vars'] )) {
			foreach ( $_SESSION ['__ci_vars'] as $key => &$value ) {
				is_int ( $value ) or $flashdata [$key] = $_SESSION [$key];
			}
		}

		return $flashdata;
	}

	// ------------------------------------------------------------------------


	/**
	 * Set flashdata
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	mixed	$data	Session data key or an associative array
	 * @param	mixed	$value	Value to store
	 * @return	void
	 */
	public function set_flashdata($data, $value = NULL) {
		$this->set_userdata ( $data, $value );
		$this->mark_as_flash ( is_array ( $data ) ? array_keys ( $data ) : $data );
	}

	// ------------------------------------------------------------------------


	/**
	 * Keep flashdata
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	mixed	$key	Session data key(s)
	 * @return	void
	 */
	public function keep_flashdata($key) {
		$this->mark_as_flash ( $key );
	}

	// ------------------------------------------------------------------------


	/**
	 * Temp data (fetch)
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	string	$key	Session data key
	 * @return	mixed	Session data value or NULL if not found
	 */
	public function tempdata($key = NULL) {
		if (isset ( $key )) {
			return (isset ( $_SESSION ['__ci_vars'], $_SESSION ['__ci_vars'] [$key], $_SESSION [$key] ) && is_int ( $_SESSION ['__ci_vars'] [$key] )) ? $_SESSION [$key] : NULL;
		}

		$tempdata = array ();

		if (! empty ( $_SESSION ['__ci_vars'] )) {
			foreach ( $_SESSION ['__ci_vars'] as $key => &$value ) {
				is_int ( $value ) && $tempdata [$key] = $_SESSION [$key];
			}
		}

		return $tempdata;
	}

	// ------------------------------------------------------------------------


	/**
	 * Set tempdata
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	mixed	$data	Session data key or an associative array of items
	 * @param	mixed	$value	Value to store
	 * @param	int	$ttl	Time-to-live in seconds
	 * @return	void
	 */
	public function set_tempdata($data, $value = NULL, $ttl = 300) {
		$this->set_userdata ( $data, $value );
		$this->mark_as_temp ( is_array ( $data ) ? array_keys ( $data ) : $data, $ttl );
	}

	// ------------------------------------------------------------------------


	/**
	 * Unset tempdata
	 *
	 * Legacy CI_Session compatibility method
	 *
	 * @param	mixed	$data	Session data key(s)
	 * @return	void
	 */
	public function unset_tempdata($key) {
		$this->unmark_temp ( $key );
	}

}
